Top Nav

Vista more secure than Mac OSX and Linux?

Judging by figures alone, Vista is more secure than Mac OSX and Linux? I somehow find this a rather strange claim, I guess these things are always subjective.

Most numbers can be moulded into any shape you want, and can show any result you like.

According to the numbers given in a new report from Microsoft, Windows Vista has blown away all the major enterprise Linux distributions and Mac OS X as far as having the smallest amount of serious security vulnerabilities in the six months since its release. The numbers were compiled by Jeff Jones, the security strategy director in Microsoft’s Trustworthy Computing Group.

“The results of the analysis show that Windows Vista continues to show a trend of fewer total and fewer High severity vulnerabilities at the 6-month mark compared to its predecessor product Windows XP (which did not benefit from the SDL [Secure Development Lifecycle] and compared to other modern competitive workstation OSes (which also did not benefit from an SDL-like process),” Jones wrote in a blog posting about the report on June 21.

I’ve heard some things about this report though, for example flaws in Firefox WERE counted under Linux, but flaws in IE were NOT counted under Vista.

In the report, available as a PDF download on Jones’ blog, Jones compares the number of vulnerabilities of critical, medium and low severity that have been discovered in Vista with those found in Windows XP, Red Hat Enterprise Linux 4 Workstation, Ubuntu 6.06 LTS, Ubuntu 6.06 LTS—Reduced Component Set, Novell SUSE Linux Enterprise Desktop 10.8, Novell SLED 10—Reduced Component Set and Apple Mac OS X v10.4.

The score, according to Jones: In the first six months of the Vista life cycle, Microsoft has released four major security bulletins that address 12 total vulnerabilities affecting Windows Vista.

Plus the amount of software packages included in these linux distributions are 100x times more than those in Vista, so it’s not really a fair comparison is it? I’m sure you if you counted core services and OS system files, the figures would look a lot different.

It’s a pretty comprehensive article, so do check it out and let us know what you think.

September 15, 2017 - 158 Shares

22 Responses to Vista more secure than Mac OSX and Linux?

I agree that mm statistics like this are very subjective. Not least that Vista is mm closed source etc. If you compared the vulnerability reports from the first six months after release of another widely-distributed closed source mm OS, then Im sure Vista could have the edge. As you said, hundreds of packages are included with most Linux distros. It’s a shame that mm Microsoft have to publish these reports to mm try and convince themselves they are secure…

Wow thats weird, and numbers like you say, are sometimes very flexible, moreover, i doubt its really true.

I mean, the 2nd or 3rd week vista was released, there were already people who messes around with botnets adding vista exploits to their bots which scans for vista machines and automatically exploit it.

Surprisingly, others who slammed the guy for adding vista exploits saying there wont be many victims due to most people sticking to xp for the time being was actually proved wrong, as the guy was getting over 300-500 bots a day, so he claims.

How true that is, I’ve got no idea but yea, its really a surprise that the report showed Vista having the least of vulnerabilities.

Well its absurd… even windows XP is claimed as 2nd most secure system after the vista… :) Vista got edge as its still not being widely used… and XP is so mature (with 100s of patches to cover its injuries) that most of the vulnerabilities have been fixed…

that comparison is just not right… and who knows id he was using ubuntu and other distros with latest patches..

Another reason that the report is suspect: it was based on publicly released vulnerabilities for the first 90 days. Combine that data restriction with the normal delay given for “responsible disclosure” and what do you have?

I think that W32.deletemusic, Trojan.Peacomm, Romario-A and about another zillion worms, viri and other assorted malware would disagree with those “numbers”. I just wrote articles on all three of those lovely yet nasty pieces of code, and they are all aimed at machines running Windows (95 to Vista).

Conclusion, I’ll take either of my linux partitions over my WinXP partition any day. And I will NEVER use Vista! If I could afford it, I would get a Mac over a pre-installed Windows machine. There are just too many hassels with Windows and its outdated structure. Any form of *Nix is just better than Windows for both security and efficiency.

@Daniel
To be honest, I don’t know too much about viri and or malware for Vista64. As for plain old vista, I am pretty sure that most modern (people are moving towards info gathering and away from viri and worms) attacks that work on XP will work on Vista. As for worms and vista, I can only personally confirm the W32.Deletemusic one for affecting vista. However, the Vista Kernel is still NT based (right?) which leaves it open to pretty much anything written for XP. Also, ‘in my opinion’ the registry is a liability, and there’s no real way to totally protect it.

However, Vista64 may very well be the most secure OS, I have no way to test it. I sure as heck don’t know anyone codeing for it.

In the end the real vulnerability to any OS is the user. To me, it seems that the average Windows user is less knowledgeable, which means more vulnerable, than anyone else. Mac OS X is a little better cause it protects itself from the average user, although safari is a big soft spot to punch at for hackers. People who use *nix are generally more willing to learn a bit about their system, and usually use more than 1 OS, so they are “in general” the least likey to get USED.

@TheRealDonQuixote
One assumes Vista64 is still NT kernel, and I KNOW it still has the registry, so I don’t see how it can be all that much secure…

But on the user point, I have to say, the average first time *nix user whos just migrated, probably to Ubuntu these days, is likely to have no extra security, whereas even the total n00b MSwindows user is likely to have something, what with all the security firms advertising on the web these days.

@Nobody_Holme
I would say that the first time *NIX user has come from Windows already having become tired of all its suckness, at least that’s why I went with Linux. Although, you do have a point with the Ubuntu craze. Its too easy to install and not even know that you have no firewall setup or Anti-Vir apps. Ubuntu may be getting too popular for its own good.

On another note, anyone use Vista with those two package updates? Did it fix anything? Just wondering.

Well yes UBUNTU has given a totally new dimnsion to *nix OS. People who used to be scared of uneasy user interface of *nix systems, now find UBUNTU much easier to use and maintain.. the installation is all so easy and can be done with just one click..

On the same note, hardening a *nix system is not difficut too. if properly hardened I’m sure ubuntu (debian based OS) is much more secure than resource hungry VISTA and for sure XP

Sandeep: I use Kubuntu right now cause I need the pure KDE desktop to match BackTrack. So far Guard Dog is the best balance of control and ease of use for a firewall. KlamAV + ClamAV works well enough for viri. As for spyware and other assorted malware I’m stuck with the CLI and manual scans with CHrootkit.

That’s not too bad for a burgeoning system. Also I run TORk when I feel like being all stealthy. Still, I’ll probably go back to Slax and backtrack when I’m done with my current project.

Even as a user of VISTA on one of my computers, I think this is pretty much just marketing talk. Of course, the fact the VISTA isn’t exactly popular and doesn’t have a huge market penetration yet isn’t mentioned. I’m sure that there will be plenty of bugs / attacks on VISTA as it is used more.

@Daniel – I got caught with the “Please add # and #” thing enough times that I always copy all my text before submitting, just in case I waited too long and it gets zapped. That way I can paste the text into another comment if it gets lost.

I have a “spam catching” app/service on my wordpress blog and it sometimes throws out the baby with the bath water. I wish I could have the adding “captcha” thingy. Akismet catches almost all the spam, AND I lose some real comments too. However, its free and I can’t afford my own hosting.

I dont think vista is more secure than other distros. Meta exploits can still attack it. And soon as you install firefox with ie you are vunerable.

More so, numbers can me moulded. I agree with this statment. At our work, we sell clients a vista computer. However, it comes with downgrade XP cd’s. We use these to remove vista and install XP on it. However, microsoft count it as a vista sale. silly hey?

Thats sad that microsoft thinks there more secure than any other os out there . When they are the most targeted and most used operating system. plus how can he count firefox bug in linux and not ie bugs in vista . something is just not right.